Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
766
Views
5
Helpful
2
Replies

Cisco NAC policy sync

a7med_magdy
Level 1
Level 1

‎11-08-2010 02:15 AM - edited ‎02-21-2020 04:08 AM

I have a failover CAM configured, one is configured as the Master and the other one is receiver.

when I do manual sync between them this is what happen:

Successfuly completed pre-sync check with 10.10.80.248

then I click continue it fails to sync:

this is the log :

*************** Master Log ***************

Starting policy import/export on Policy Sync Master.

Created dump file for policy: Device Management > Filters > Devices (all Access Types other than ROLE and CHECK)

Created dump file for policy: User Management > User Roles > List of Roles/Schedule

Created dump file for policy: Device Management > Clean Access > Clean Access Agent > Role-Requirements

Created dump file for policy: Device Management > Filters > Devices (Access Type ROLE and CHECK only)

Created dump file for policy: User Management > Traffic Control > IP

Created dump file for policy: User Management > Traffic Control > Host

Created dump file for policy: User Management > Traffic Control > Ethernet

Dump file creation is complete.

Created policy import/export dump file.

No file available for policy sync as large object.

Created  policy import/export header file.

Created policy import/export tar file.

*************** Receiver Log ***************

Starting policy import on Policy Sync Receiver.

Hash value is a match.

Policy Sync Master and Receiver CAM versions match.

The Policy Sync Reciever is not active, Please retry policy sync later.

Failed to store all policies on Policy Sync Receiver.

Receiver failed sync

0 Helpful
2 Replies 2

Tiago Antunes
Cisco Employee
Cisco Employee

‎11-08-2010 02:52 AM

Hi,

Please note that this feature is not meant to be used between 2 CAMs of an HA pair.

As you can see on the config guide:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_admin.html#wp1050935,

- All CAMs must run release 4.5 or later to enable Policy Sync.

- On CAM HA-pairs, Policy Sync settings are disabled for the Standby CAM.

So, this means you can use this feature only in active CAMs or Standalone CAMs.

In HA pairs, Only the Active CAM will be active for this feature.

HTH,

Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

a7med_magdy
Level 1
Level 1
In response to Tiago Antunes

‎11-09-2010 03:47 AM

thanks for your response

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card